1. Home
  2. AML


Top 7 legal and compliance jobs in the crypto market

Explore essential skills for top legal and compliance jobs in the crypto market.

Cryptocurrencies are a rapidly growing market that is changing how people invest, buy and sell goods and services, and transfer money. However, with the growth of this market comes an increasing need for legal and regulatory compliance, particularly concerning issues such as money laundering, fraud and data protection.

As a result, there is a demand in the cryptocurrency sector for legal and compliance specialists. The positions listed below are just a few examples of the various legal and compliance positions available in the cryptocurrency sector. Each one is crucial to ensuring that the market functions fairly, openly and lawfully.

Compliance officer

A compliance officer in the crypto market is responsible for ensuring that the company complies with all relevant laws and regulations, including Anti-Money Laundering (AML) and Know Your Customer (KYC) requirements. 

Knowing the relevant laws and regulations, having strong analytical and problem-solving abilities, and having the capacity to effectively interact with internal and external stakeholders are all necessary qualifications for this position.

Legal counsel

A legal counsel in the crypto market provides legal advice and support to the company on a range of legal issues, including regulatory compliance, contracts, intellectual property, and data protection.

Legal counsels in the crypto world require unique skills due to the complex and evolving nature of the cryptocurrency market. This also entails technological and legal skills. Legal counsels need to know the rules and legislation that apply to cryptocurrencies and other digital assets, as well as the underlying technologies like blockchain and smart contracts. Additionally, they must be able to handle the dynamic regulatory environment of the cryptocurrency business.

They must also have exceptional analytical and problem-solving abilities to decipher complicated legal and technical data, giving clients clear and succinct advice. Additionally, legal counsels must have strong communication and negotiation skills to represent clients effectively in legal proceedings or negotiations.

Compliance analyst

A compliance analyst in the crypto market is responsible for monitoring the company’s compliance with regulatory requirements, conducting risk assessments, and developing and implementing compliance policies and procedures.

Skills required for this role include strong analytical and problem-solving skills, knowledge of relevant laws and regulations, and the ability to work independently and as part of a team.

KYC/AML analyst

A KYC/AML analyst checks consumers to ensure they adhere to AML and KYC standards in the crypto market. KYC/AML analysts in the crypto market require attention to detail, knowledge of regulations, risk assessment, investigative skills, data analysis, and communication skills to ensure compliance with Anti-Money Laundering and Know Your Customer requirements.

Related: What is KYC, and why do crypto exchanges require it?

Regulatory affairs manager

A regulatory affairs manager in the crypto market is responsible for monitoring regulatory developments, analyzing the impact on the company and developing strategies to ensure compliance. 

Regulatory affairs managers in the crypto industry require skills such as adeptness with compliance frameworks, knowledge of regulatory policies, proficiency in navigating legal requirements and the ability to develop strategic solutions to meet regulatory obligations.

Chief compliance officer

The chief compliance officer in the crypto market is responsible for overseeing the company’s compliance function, ensuring that the company complies with all relevant laws and regulations, and developing and implementing compliance policies and procedures.

Related: How are metaverse assets taxed?

Chief compliance officers in the crypto market require skills such as leadership, stakeholder management, strategic planning, risk assessment, and adeptness with compliance frameworks and regulatory policies to ensure effective compliance management and risk mitigation.

Data protection officer

A data protection officer in the crypto market is responsible for ensuring that the company complies with data protection laws and regulations, such as the General Data Protection Regulation (GDPR).

Data protection officers in the crypto industry require advanced knowledge of privacy regulations, expertise in data governance, proficiency in implementing security protocols, and the ability to ensure data confidentiality, integrity and availability.

Circle announces USDC launch for Cosmos via Noble network

Elizabeth Warren Blames ‘Crypto Risk’ for Silvergate Bank’s Liquidation, Critics Dismiss Senator’s Claims as ‘Terribly Misinformed’

Elizabeth Warren Blames ‘Crypto Risk’ for Silvergate Bank’s Liquidation, Critics Dismiss Senator’s Claims as ‘Terribly Misinformed’After Silvergate Bank announced its voluntary liquidation, U.S. senator Elizabeth Warren is attributing the financial institution’s downfall to “crypto risk.” According to Warren, she had previously warned about Silvergate. However, some critics are dismissing Warren’s opinion as “terribly misinformed” and claim that she is “tossing out egregious accusations.” Crypto Proponents Offer Different Perspectives on Silvergate […]

Circle announces USDC launch for Cosmos via Noble network

Banks with crypto services require new Anti-Money Laundering capabilities

Large financial institutions are getting involved in digital assets by investing capital, time and effort into on-chain analytics solutions.

The new year began with the news that notable Web3 entrepreneur Kevin Rose fell victim to a phishing scam in which he lost over $1 million worth of nonfungible tokens (NFTs). 

As mainstream financial institutions begin to provide services related to Web3, crypto and NFTs, they would be custodians of client assets. They must protect their clients from bad actors and identify whether client assets have been obtained through illicit activities.

The crypto industry hasn’t made it easy for Anti-Money Laundering (AML) functions within organizations. The sector has innovated constructs like cross-chain bridges, mixers and privacy chains, which hackers and crypto thieves can use to obfuscate stolen assets. Very few technical tools or frameworks can help navigate this rabbit hole.

Regulators have recently come down hard on some crypto platforms, pressuring centralized exchanges to delist privacy tokens. In August 2022, Dutch police arrested Tornado Cash developer Alexey Pertsev, and they have worked on controlling transactions through mixers since then.

While centralized governance is considered antithetical to the Web3 ethos, the pendulum may have to swing in the other direction before reaching a balanced middle ground that protects users and doesn’t curtail innovation.

And while large institutions and banks have to grapple with the technological complexities of Web3 to provide digital assets services to their clients, they will only be able to provide suitable customer protection if they have a robust AML framework.

AML frameworks will need several capabilities that banks must evaluate and build. These capabilities could be built in-house or achieved by collaborating with third-party solutions.

A few vendors in this space are Solidus Labs, Moralis, Cipher Blade, Elliptic, Quantumstamp, TRM Labs, Crystal Chain and Chainalysis. These firms are focused on delivering holistic (full-stack) AML frameworks to banks and financial institutions.

For these vendor platforms to deliver a holistic approach to AML around digital assets, they must have several inputs. The vendor provides several of these, while others are sourced from the bank or institution they work with.

Data sources and inputs

Institutions need a ton of data from varied sources to effectively identify AML risks. The breadth and depth of data an institution can access will decide the effectiveness of its AML function. Some of the key inputs needed for AML and fraud detection are below.

The AML policy is often a broad definition of what a firm should watch for. This is generally broken down into rules and thresholds that will help implement the policy. 

An AML policy could state that all digital assets linked to a sanctioned nation-state like North Korea must be flagged and addressed.

The policy could also provide that transactions would be flagged if more than 10% of the transaction value could be traced back to a wallet address that contains the proceeds of a known theft of assets.

For instance, if 1 Bitcoin (BTC) is sent for custody with a tier-one bank, and if 0.2 BTC had its source in a wallet containing the proceeds of the Mt. Gox hack, even if attempts had been made to hide the source by running it through 10 or more hops before reaching the bank, that would raise an AML red flag to alert the bank to this potential risk.

Recent: Death in the metaverse: Web3 aims to offer new answers to old questions

AML platforms use several methods to label wallets and identify the source of transactions. These include consulting third-party intelligence such as government lists (sanctions and other bad actors); web scraping crypto addresses, the darknet, terrorist financing websites or Facebook pages; employing common spend heuristics that can identify crypto addresses controlled by the same person; and machine learning techniques like clustering that can identify cryptocurrency addresses controlled by the same person or group.

Data gathered through these techniques are the building block to the fundamental capabilities AML functions within banks and financial services institutions must create to deal with digital assets.

Wallet monitoring and screening

Banks will need to perform proactive monitoring and screening of customer wallets, wherein they can assess whether a wallet has interacted directly or indirectly with illicit actors like hackers, sanctions, terrorist networks, mixers and so on.

Illustration of assets in a wallet categorized and labeled. Source: Elliptic

Once labels are tagged to wallets, AML rules are applied to ensure the wallet screening is within the risk limits.

Blockchain investigation

Blockchain investigation is critical to ensure transactions happening on the network do not involve any illicit activities.

An investigation is performed on blockchain transactions from ultimate source to ultimate destination. Vendor platforms offer functionalities such as filtering on transaction value, number of hops or even the ability to identify on-off ramp transactions as part of an investigation automatically.

Illustration of Elliptic platform tracing a transaction back to the dark web. Source: Elliptic

Platforms offer a pictorial hop chart showing every single hop a digital asset has taken through the network to get from the first to the most recent wallet. Platforms like Elliptic can identify transactions that even stem from the dark web.

Multiasset monitoring

Monitoring risk where multiple tokens are used to launder money on the same blockchain is another critical capability that AML platforms must have. Most layer 1 protocols have several applications that have their own tokens. Illicit transactions could happen using any of these tokens, and monitoring must be broader than just one base token.

Cross-chain monitoring

Cross-chain transaction monitoring has come to haunt data analysts and AML experts for a while. Apart from mixers and dark web transactions, cross-chain transactions are perhaps the hardest problem to solve. Unlike mixers and dark web transactions, cross-chain asset transfers are commonplace and a genuine use case that drives interoperability.

Also, wallets that hold assets that hopped through mixers and the dark web can be labeled and red-flagged, as these are considered amber flags from an AML perspective straightaway. It wouldn’t be possible just to flag a cross-chain transaction, as it is fundamental to interoperability.

AML initiatives around cross-chain transactions in the past have been a challenge as cross-chain bridges can be opaque in the way they move assets from one blockchain to another. As a result, Elliptic has come up with a multitiered approach to solving this problem.

An illustration of how a cross-chain transaction between Polygon and Ethereum is identified as having its source with a crypto mixer — a sanctioned entity. Source: Elliptic

The simplest scenario is when the bridge provides end-to-end transparency across chains for every transaction, and the AML platform can pick that up from the chains. Where such traceability is not possible due to the nature of the bridge, AML algorithms use time value matching, where assets that left a chain and arrived at another are matched using the time of transfer and the value of the transfer.

The most challenging scenario is where none of those techniques can be used. For instance, asset transfers to the Bitcoin Lightning Network from Ethereum can be opaque. In such cases, cross-bridge transactions can be treated like those into mixers and the dark web, and will generally be flagged by the algorithm due to the lack of transparency.

Smart contract screening 

Smart contract screening is another crucial area to protect decentralized finance (DeFi) users. Here, smart contracts are checked to ensure there are no illicit activities with the smart contracts that institutions must be aware of.

This is perhaps most relevant for hedge funds wanting to participate in liquidity pools in a DeFi solution. It is less important for banks at this point, as they generally do not participate directly in DeFi activities. However, as banks get involved with institutional DeFi, smart contract-level screening would become extremely critical.

VASP due diligence

Exchanges are classed as Virtual assets service providers (VASPs). Due diligence will look at the exchange’s overall exposure based on all addresses associated with the exchange.

Some AML vendor platforms provide a view of risk based on the country of incorporation, Know Your Customer requirements and, in some cases, the state of financial crime programs. Unlike previous capabilities, VASP checks involve both on-chain and off-chain data.

Recent: Tel Aviv Stock Exchange’s crypto trading proposal a ‘closed-loop system’

AML and on-chain analytics is a fast-evolving space. Several platforms are working toward solving some of the most complex technology problems that would help institutions safeguard their client assets. Yet, this is a work in progress, and much needs to be done to have robust AML controls for digital assets.

Circle announces USDC launch for Cosmos via Noble network

India subjects crypto transactions to anti-money laundering law

The operators face an obligation to store the transactions’ data for ten years and pass it to regulators on demand.

While there’s nothing new in imposing anti-money laundering (AML) standards on crypto, it is only now that the Indian government has decided to notify all interested parties of the obligation to comply with the national AML law. 

On March 7, The Gazette of India published a notification from the Ministry of Finance, subjecting a range of transactions with crypto to the Prevention of Money-Laundering Act (PLMA) 2002 — namely the exchange, transfers, safekeeping and administration of virtual assets. Financial services related to an issuer’s offer and sale of virtual assets also fall under the PMLA.

The notification doesn’t provide many details, but the PML Act obliges financial institutions to maintain a record of all transactions for the last ten years, furnish these records to the officials if demanded, and verify the identity of all the clients.

Written right on time when regulators all over the globe are tightening the AML standards for crypto, the notification will nevertheless complicate the life of crypto companies in India. And it already has not been too comfortable in recent years. From March 2022, according to amended tax rules, digital assets holdings and transfers are subject to a 30% tax.

Related: India explores offline functionality of CBDCs — RBI executive director

​​Trading volume on major cryptocurrency exchanges across India dropped by 70% within 10 days of the new tax policy and almost 90% in the next three months. The rigid tax policy drove crypto traders to offshore exchanges and forced budding crypto projects to move outside India.

In February 2023, Indian authorities once again demonstrated their tough stance on cryptocurrencies with a preemptive ban on crypto advertising and sponsorships in the local women’s cricket league. This followed a previous ban for the men’s cricket Premier League, introduced back in 2022.

In 2023, while celebrating India’s first presidency at G20, the country’s Finance Minister, Nirmala Sitharaman, urged international efforts to regulate crypto. She called for a coordinated effort “for building and understanding the macro-financial implications,” which could be used to reform crypto regulation globally.

Circle announces USDC launch for Cosmos via Noble network

Coinbase CEO hints its new layer-2 network could include AML measures

Brian Armstrong said centralized firms have a responsibility to monitor transactions and carry out AML checks.

Coinbase chief executive Brian Armstrong has hinted that the firm’s new Layer-2 blockchain network Base may be subjected to transaction monitoring and anti-money laundering measures at launch.

In an interview with Joe Weisenthal on Bloomberg Radio on Mar. 6, Armstrong acknowledged that Base has some centralized components today, adding “it will be more and more decentralized over time.”

However, he then suggested that there will be transaction monitoring and AML requirements for users of the new layer-2 network.

He suggested that Coinbase will have a responsibility in terms of transaction monitoring in the early days, adding:

“I think that the centralized actors are the ones that are probably going to have the most responsibility to avoid money laundering issues and having transaction monitoring programs and things like that.”

Armstrong’s comments were also highlighted up by decentralization advocate Chris Blec in a Twitter post on Mar. 7.

Base is an Ethereum layer-2 network that offers a secure, low-cost, developer-friendly way for users to build decentralized apps, according to Coinbase.

It is being developed with the “OP Stack” used by Optimism which will enable high-speed transactions on Ethereum. Base was unveiled on Feb. 23 and is currently in the testnet phase, Coinbase has yet to provide a mainnet launch date but it is expected in Q2, 2023.

Blec has previously warned about Coinbase’s latest layer-2 offering in a blog post released in late February, five days after the firm announced Base.

He said that layer-2 infrastructure was quite centralized because they use “sequencers” which are “nodes that construct and execute L2 blocks while transmitting users’ actions from L2 to L1.”

Coinbase, a licensed money transmitter, will be operating the sole sequencer for Base. This raised the question of whether Base would also legally require know-your-customer (KYC) requirements making it the first ever L2 to do so.

Related: L2 is crucial to Ethereum decentralization, censorship resistance, says researcher

Coinbase hasn’t confirmed or denied whether Base would be implementing KYC and AML measures. Blec commented:

“Isn’t it ironic that “DeFi” is heading toward being controlled by the entities that it was originally supposed to be battling?”

However, the crypto community and Ethereum advocates have said Base was a “massive confidence vote” for Ethereum.

Cointelegraph reached out to Coinbase for comment but has not received a response by the time of publication.

Circle announces USDC launch for Cosmos via Noble network

UBS Strategists Predict Minimal Impact of Upcoming Mt Gox Payouts on Bitcoin Value

UBS Strategists Predict Minimal Impact of Upcoming Mt Gox Payouts on Bitcoin ValueA recent report published by market strategists from the investment bank and financial services company UBS says that the upcoming Mt Gox payouts won’t destabilize bitcoin’s value. While a new supply will come to the market, UBS strategists insist that “it would be less concentrated.” UBS Market Strategists Believe Mt Gox Payouts Won’t Destabilize Bitcoin’s […]

Circle announces USDC launch for Cosmos via Noble network

FATF agrees on roadmap for implementation of crypto standards

Part of the FATF's ‘Travel Rule’ includes recommendations that financial institutions obtain information on the originators and beneficiaries of certain crypto transactions.

The Financial Action Task Force, or FATF, reported its delegates had come to an agreement on an action plan “to drive timely global implementation” of global standards on cryptocurrencies.

In a Feb. 24 publication, the FATF said the plenary for the financial watchdog — consisting of delegates from more than 200 jurisdictions — met in Paris and came to a consensus on a roadmap aimed at strengthening “implementation of FATF Standards on virtual assets and virtual asset service providers”. According to the task force, in 2024 it will report on how FATF members have moved forward on implementing the crypto standards, which includes regulation and supervision of VASPs.

“The lack of regulation of virtual assets in many countries creates opportunities that criminals and terrorist financiers exploit,” said the report. “Since the FATF strengthened its Recommendation 15 in October 2018 to address virtual assets and virtual asset service providers, many countries have failed to implement these revised requirements, including the ‘travel rule’ which requires obtaining, holding and transmitting originator and beneficiary information relating to virtual assets transactions.”

Part of the FATF's ‘Travel Rule’ includes recommendations that VASPs, financial institutions, and regulated entities in member jurisdictions obtain information on the originators and beneficiaries of certain virtual currency transactions. As of April 2022, the financial watchdog reported that many countries were not in compliance with its standards on Combating the Financing of Terrorism (CFT) and Anti-Money Laundering (AML).

Related: AML and KYC: A catalyst for mainstream crypto adoption

Japan, South Korea and Singapore have been among the countries seemingly most willing to implement regulations in accordance with the travel rule. Some nations including Iran and North Korea have reportedly been placed on the FATF’s ‘grey list’ for monitoring suspicious financial activity.

Circle announces USDC launch for Cosmos via Noble network

ShapeShift responds to Sen. Warren’s comments to ‘set the record straight’

Switzerland-based crypto platform claimed Warren made “mistakes” in comments at a recent senate hearing, and encouraged her to “constructively engage” with its community.

Non-custodial crypto platform ShapeShift refuted United States Senator Elizabeth Warren’s claims of "illicit financing,” suggesting that she used the platform as a scapegoat to “push” her latest crypto bill, according to a recent statement.

ShapeShift stated in a tweet on Feb. 19 that Warren made “mistakes” in her “analysis” of the platform, at a recent senate banking committee hearing entitled “Crypto Crash: Why Financial System Safeguards are Needed for Digital Assets,” on Feb. 14.

In a follow-up tweet, ShapeShift denied Warren’s comments regarding its involvement with “illicit financing,” stating it “never handles user funds,” and has no ability to “facilitate this.”

This comes after Warren suggested at the senate hearing that ShapeShift had ulterior motives for restructuring itself as a DeFi platform in July 2021.

Warren suggested that the restructure was to encourage people to “launder” money on the platform.

Shapeshift also clarified that it is “not an exchange,” elaborating that it is an open-source crypto dashboard that “connects users” to different protocols and platforms.

It added that it cares about the “same things” as Warren, citing "user safety" and "access to innovation" as a mutual focus.

ShapeShift encouraged Warren and others to “constructively engage” in the topic of financial freedom and innovation with its community, sharing a link to its discussion forum.

This comes only a day after Erik Vorhees, CEO of ShapeShift, took to his personal Twitter on Feb. 18, stating that he is looking forward to Warren “submitting a proposal” to the Shapeshift DAO governance process, in response to her criticism of the platform.

Related: US Sen. Elizabeth Warren says crypto will ruin economy — Community responds

Warren has been a vocal crypto sceptic in recent times, having made comments in an interview on Jan. 25, suggesting that the United States Securities and Exchange Commission (SEC) should “double down” on its crypto enforcement efforts, as the crypto industry is scared for what’s to come next.

She claimed that the previous SEC administration “essentially gave the green light” to open up a cryptocurrency market “full of junk tokens, unregistered securities, rug pulls, Ponzi schemes, pump and dumps, money laundering and sanctions evasions.”

Cointelegraph reached out to ShapeShift for comment but did not receive a response in time of publication.

Circle announces USDC launch for Cosmos via Noble network

South Korea to deploy cryptocurrency tracking system in 2023

The ‘Virtual Currency Tracking System’ will be used to monitor transaction history, extract information related to transactions and check the source of funds before and after remittance.

The Ministry of Justice in South Korea announced plans to introduce a crypto tracking system to counter money laundering initiatives and recover funds linked to criminal activities.

The ‘Virtual Currency Tracking System’ will be used to monitor transaction history, extract information related to transactions and check the source of funds before and after remittance, according to local media outlet khgames.

While the system is slated to be deployed in the first half of 2023, the South Korean ministry shared plans to develop an independent tracking and analysis system in the second half of the year. A rough translation of the ministry’s statement reads:

“In response to the sophistication of crime, we will improve the forensic infrastructure (infrastructure). We will build a criminal justice system that meets international standards (global standards).”

The South Korean police previously established an agreement with five local crypto exchanges to cooperate in criminal investigations — to create a safe trading environment for crypto investors ultimately.

Related: South Korean prosecutors request arrest warrant for Bithumb owner: Report

The South Korean Supreme Court ruled that crypto exchange Bithumb must pay damages to investors over a 1.5-hour service outage on Nov. 12, 2017.

The finalized ruling from the Supreme Court ordered damages ranging from as little as $6 to around $6,400 be paid to the 132 investors involved.

“The burden or the cost of technological failures should be shouldered by the service operator, not [the] service users who pay commission for the service,” the court stated.

Circle announces USDC launch for Cosmos via Noble network

Coinbase Agrees to $100 Million Settlement With New York Financial Regulator for Anti-Money Laundering Violations

Coinbase Agrees to 0 Million Settlement With New York Financial Regulator for Anti-Money Laundering ViolationsCoinbase has agreed to pay a $100 million settlement with the New York Department of Financial Services (NYDFS), according to a consent order signed by the NYDFS superintendent Adrienne Harris on Jan. 4, 2023. New York’s financial regulator said compliance problems were detected and the exchange’s anti-money laundering controls were inadequate from 2020 through 2021. […]

Circle announces USDC launch for Cosmos via Noble network